Skip to main content
CVE-2022-4689 HIGH POC PATCH This Week

Improper Access Control in GitHub repository usememos/memos prior to 0.9.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Authentication Bypass Memos
NVD GitHub
CVSS 3.1
8.8
EPSS
0.7%
CVE-2022-4688 HIGH POC PATCH This Week

Improper Authorization in GitHub repository usememos/memos prior to 0.9.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Authentication Bypass Memos
NVD GitHub
CVSS 3.1
8.8
EPSS
0.7%
CVE-2022-4684 HIGH POC PATCH This Week

Improper Access Control in GitHub repository usememos/memos prior to 0.9.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Authentication Bypass Memos
NVD GitHub
CVSS 3.1
8.8
EPSS
0.6%
CVE-2022-4665 HIGH POC PATCH This Week

Unrestricted Upload of File with Dangerous Type in GitHub repository ampache/ampache prior to 5.5.6. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

File Upload Ampache
NVD GitHub
CVSS 3.1
8.8
EPSS
0.8%
CVE-2022-4687 HIGH POC PATCH This Week

Incorrect Use of Privileged APIs in GitHub repository usememos/memos prior to 0.9.0. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Memos
NVD GitHub
CVSS 3.1
8.1
EPSS
0.6%
CVE-2022-46171 HIGH POC PATCH This Week

Tauri is a framework for building binaries for all major desktop platforms. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Path Traversal Tauri
NVD GitHub
CVSS 3.1
7.7
EPSS
1.0%
CVE-2022-23854 HIGH POC THREAT This Week

AVEVA InTouch Access Anywhere versions 2020 R2 and older are vulnerable to a path traversal exploit that could allow an unauthenticated user with network access to read files on the system outside of. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Intouch Access Anywhere
NVD Exploit-DB
CVSS 3.1
7.5
EPSS
46.0%
CVE-2022-43551 HIGH POC THREAT This Week

A vulnerability exists in curl <7.87.0 HSTS check that could be bypassed to trick it to keep using HTTP. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Curl Fedora Active Iq Unified Manager Oncommand Insight +3
NVD
CVSS 3.1
7.5
EPSS
16.5%
CVE-2022-40899 HIGH POC PATCH This Week

An issue discovered in Python Charmers Future 0.18.2 and earlier allows remote attackers to cause a denial of service via crafted Set-Cookie header from malicious web server. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Python Denial Of Service Python Future
NVD GitHub
CVSS 3.1
7.5
EPSS
1.8%
CVE-2022-40898 HIGH POC PATCH This Week

An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Python Denial Of Service Wheel
NVD GitHub
CVSS 3.1
7.5
EPSS
2.7%
CVE-2022-47942 HIGH PATCH This Week

An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Linux Buffer Overflow Linux Kernel
NVD GitHub
CVSS 3.1
8.8
EPSS
3.6%
CVE-2022-41290 HIGH PATCH This Week

IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the rm_rlcache_file command to obtain root privileges. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity.

IBM Privilege Escalation Vios Aix
NVD
CVSS 3.1
8.4
EPSS
0.2%
CVE-2022-47633 HIGH PATCH This Week

An image signature validation bypass vulnerability in Kyverno 1.8.3 and 1.8.4 allows a malicious image registry (or a man-in-the-middle attacker) to inject unsigned arbitrary container images into a. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Authentication Bypass Kubernetes Kyverno
NVD GitHub
CVSS 3.1
8.1
EPSS
1.0%
CVE-2022-47943 HIGH PATCH This Week

An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Information Disclosure Linux Buffer Overflow Linux Kernel
NVD GitHub
CVSS 3.1
8.1
EPSS
3.5%
CVE-2022-47940 HIGH PATCH This Week

An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.18 before 5.18.18. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Information Disclosure Linux Buffer Overflow Linux Kernel
NVD GitHub
CVSS 3.1
8.1
EPSS
1.4%
CVE-2022-23539 HIGH PATCH This Week

Versions `<=8.5.1` of `jsonwebtoken` library could be misconfigured so that legacy, insecure key types are used for signature verification. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Jsonwebtoken
NVD GitHub
CVSS 3.1
8.1
EPSS
0.5%
CVE-2022-28229 HIGH This Week

The hash functionality in userver before 42059b6319661583b3080cab9b595d4f8ac48128 allows attackers to cause a denial of service via crafted HTTP request, involving collisions. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Userver
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2022-47941 HIGH PATCH This Week

An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Memory Leak vulnerability could allow attackers to exhaust available memory leading to denial of service.

Information Disclosure Linux Linux Kernel
NVD GitHub
CVSS 3.1
7.5
EPSS
4.9%
CVE-2022-33324 HIGH PATCH This Week

Improper Resource Shutdown or Release vulnerability in Mitsubishi Electric Corporation MELSEC iQ-R Series R00/01/02CPU Firmware versions "32" and prior, Mitsubishi Electric Corporation MELSEC iQ-R. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Melsec Iq R R00 Cpu Firmware Melsec Iq R R01 Cpu Firmware Melsec Iq R R02 Cpu Firmware Melsec Iq R R04 Cpu Firmware +15
NVD
CVSS 3.1
7.5
EPSS
1.7%
CVE-2022-46570 HIGH This Week

D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overflow via the Password parameter in the SetWan3Settings module. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Memory Corruption D-Link Buffer Overflow Dir 882 A1 Firmware
NVD
CVSS 3.1
7.2
EPSS
1.4%
CVE-2022-46569 HIGH This Week

D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overflow via the Key parameter in the SetWLanRadioSecurity module. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Memory Corruption D-Link Buffer Overflow Dir 882 A1 Firmware
NVD
CVSS 3.1
7.2
EPSS
1.6%
CVE-2022-46568 HIGH This Week

D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overflow via the AccountPassword parameter in the SetSysEmailSettings module. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Memory Corruption D-Link Buffer Overflow Dir 882 A1 Firmware
NVD
CVSS 3.1
7.2
EPSS
1.4%
CVE-2022-46566 HIGH This Week

D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overflow via the Password parameter in the SetQuickVPNSettings module. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Memory Corruption D-Link Buffer Overflow Dir 882 A1 Firmware
NVD
CVSS 3.1
7.2
EPSS
1.4%
CVE-2022-46563 HIGH This Week

D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overflow via the Password parameter in the SetDynamicDNSSettings module. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Memory Corruption D-Link Buffer Overflow Dir 882 A1 Firmware
NVD
CVSS 3.1
7.2
EPSS
1.4%
CVE-2022-46562 HIGH This Week

D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overflow via the PSK parameter in the SetQuickVPNSettings module. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Memory Corruption D-Link Buffer Overflow Dir 882 A1 Firmware
NVD
CVSS 3.1
7.2
EPSS
1.4%
CVE-2022-46561 HIGH This Week

D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overflow via the Password parameter in the SetWanSettings module. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Memory Corruption D-Link Buffer Overflow Dir 882 A1 Firmware
NVD
CVSS 3.1
7.2
EPSS
1.4%
CVE-2022-46560 HIGH This Week

D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overflow via the Password parameter in the SetWan2Settings module. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Memory Corruption D-Link Buffer Overflow Dir 882 A1 Firmware
NVD
CVSS 3.1
7.2
EPSS
1.4%
CVE-2022-38757 HIGH This Week

A vulnerability has been identified in Micro Focus ZENworks 2020 Update 3a and prior versions. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Zenworks
NVD
CVSS 3.1
7.2
EPSS
0.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy